Univention Bugzilla – Bug 50393
apache2: Multiple issues (4.3)
Last modified: 2019-10-23 15:28:17 CEST
New Debian apache2 2.4.25-3+deb9u9A~4.3.5.201910210929 fixes: This update addresses the following issue: * limited cross-site scripting in mod_proxy error page (CVE-2019-10092)
--- mirror/ftp/4.3/unmaintained/4.3-5/source/apache2_2.4.25-3+deb9u8A~4.3.4.201908270838.dsc +++ apt/ucs_4.3-0-errata4.3-5/source/apache2_2.4.25-3+deb9u9A~4.3.5.201910210703.dsc @@ -1,9 +1,15 @@ -2.4.25-3+deb9u8A~4.3.4.201908270838 [Tue, 27 Aug 2019 13:14:27 +0200] Univention builddaemon <buildd@univention.de>: +2.4.25-3+deb9u9A~4.3.5.201910210703 [Mon, 21 Oct 2019 09:32:09 +0200] Univention builddaemon <buildd@univention.de>: * UCS auto build. The following patches have been applied to the original source package 05-autostart-setting 10-apache2-reload 20-no-proxy + +2.4.25-3+deb9u9 [Sun, 13 Oct 2019 17:43:54 +0200] Stefan Fritsch <sf@debian.org>: + + [ Xavier Guimard ] + * Use correct patch for CVE-2019-10092. This fixes a regression in + mod_proxy_balancer (Closes: #941202) 2.4.25-3+deb9u8 [Mon, 19 Aug 2019 21:25:31 +0200] Stefan Fritsch <sf@debian.org>: <http://10.200.17.11/4.3-5/#6462405825171795014>
OK: yaml OK: announce_errata OK: patch OK: piuparts [4.3-5] 43e102e9bb Bug #50393: apache2 2.4.25-3+deb9u9A~4.3.5.201910210703 doc/errata/staging/apache2.yaml | 12 ++++++++++++ 1 file changed, 12 insertions(+)
<http://errata.software-univention.de/ucs/4.3/603.html>